Overview#
OAuth Token Response is the step following the OAuth Token Request in which the Authorization Server:
- authenticates the OAuth Client
- validates the Authorization Code
- ensures that the Redirect_uri received matches the URI used to redirect the OAuth Client in step (C).
If validation is successful, the Authorization Server responds to the OAuth Client with a response containing the following parameters, as described in Section 4.1.4 of OAuth 2.0 RFC 6749. The response SHOULD be encoded using UTF-8 (RFC 3629).
- access_token - REQUIRED - Access Token for the UserInfo Endpoint.
- token_type - REQUIRED - OAuth 2.0 Token Type value. The value MUST be Bearer, as specified in OAuth 2.0 Bearer Token Usage RFC 6750, for Clients using this subset.
- id_token - REQUIRED (when the request is an OpenID Connect request) - ID Token.
- expires_in - OPTIONAL - Expiration Time of the access_token in seconds since the OAuth Token Response was generated.
- refresh_token - OPTIONAL - Refresh Token.
The OAuth Client can then use the access_token to access protected Resources at Resource Servers.
The following is a non-normative example (with line wraps for the display purposes only):
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-cache, no-store
Pragma: no-cache

{
  "access_token":"SlAV32hkKG",
  "token_type":"Bearer",
  "expires_in":3600,
  "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
  "id_token":"eyJ0 ... NiJ9.eyJ1c ... I6IjIifX0.DeWt4Qu ... ZXso"
}
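The three checks listed above and the response layout of the example, as an added illustration that is not part of the original page: a minimal Authorization Server token endpoint in Python. The client registry, the issued-code store and all identifiers are constructed values; the ID Token is left as a labelled placeholder since signing it is outside this page's scope.

```python
import json
import secrets

# Constructed in-memory state standing in for the Authorization Server's
# client registry and store of issued Authorization Codes (hypothetical values).
CLIENTS = {"s6BhdRkqt3": {"secret": "client-secret-example",
                          "redirect_uris": ["https://client.example.org/cb"]}}
CODES = {"SplxlOBeZQQYbYS6WxSbIA": {"client_id": "s6BhdRkqt3",
                                   "redirect_uri": "https://client.example.org/cb",
                                   "used": False}}

def token_response(client_id, client_secret, code, redirect_uri):
    """Apply the three checks from the page, then build the RFC 6749 4.1.4 body."""
    client = CLIENTS.get(client_id)
    # 1. authenticate the OAuth Client (constant-time compare of the shared secret)
    if client is None or not secrets.compare_digest(client["secret"], client_secret):
        return 401, {"error": "invalid_client"}
    # 2. validate the Authorization Code: it must exist, belong to this client and be unused
    grant = CODES.get(code)
    if grant is None or grant["client_id"] != client_id or grant["used"]:
        return 400, {"error": "invalid_grant"}
    # 3. redirect_uri must exactly match the one used when the code was issued in step (C)
    if redirect_uri != grant["redirect_uri"]:
        return 400, {"error": "invalid_grant"}
    grant["used"] = True  # an Authorization Code is single-use; a replay is rejected above
    body = {
        "access_token": secrets.token_urlsafe(16),
        "token_type": "Bearer",          # the only value allowed for this subset
        "expires_in": 3600,
        "refresh_token": secrets.token_urlsafe(16),
        "id_token": "<id_token placeholder>",  # signing an ID Token is out of scope here
    }
    return 200, body

def render(status, body):
    """Serialise with the headers shown in the page's example (no caching of tokens)."""
    reason = {200: "OK", 400: "Bad Request", 401: "Unauthorized"}[status]
    headers = ["Content-Type: application/json",
               "Cache-Control: no-cache, no-store",
               "Pragma: no-cache"]
    return (f"HTTP/1.1 {status} {reason}\r\n" + "\r\n".join(headers)
            + "\r\n\r\n" + json.dumps(body))

if __name__ == "__main__":
    print(render(*token_response("s6BhdRkqt3", "client-secret-example",
                                 "SplxlOBeZQQYbYS6WxSbIA",
                                 "https://client.example.org/cb")))
```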
More Information#
There might be more information for this subject on one of the following:
- [#1] - 2.1.6.2. Client Receives Tokens
- based on information obtained 2018-02-19